System and method for regulating electronic messages

ABSTRACT

A system for regulating e-mail comprises a database of information profiling legitimate e-mail usage. When an e-mail is received at the system, it is scrutinized relative to the information in the database. If the e-mail is found to be legitimate based upon this evaluation, it is delivered to the intended recipient. If, however, the e-mail appears on the basis of the evaluation to be the last in a series of illegitimate e-mails or otherwise has characteristics inconsistent with the profile of legitimate e-mail usage, the e-mail may not be delivered and the postmaster and administrator at the source of the e-mail is contacted.

CROSS-REFERENCE TO RELATED APPLICATIONS

This application is a continuation of U.S. application Ser. No.09/888,719, filed Jun. 25, 2001, now pending, which is herebyincorporated by reference in its entirety.

FIELD OF THE INVENTION

The present invention relates generally to electronic messaging systemssuch as, for example, e-mail and instant messaging, and moreparticularly, to systems and methods for intelligently regulating suchelectronic messaging systems.

BACKGROUND OF THE INVENTION

Over the past fifteen years, the use of electronic messaging systemssuch as e-mail and instant messaging has experienced tremendous growth.People regularly send and receive e-mails and instant messages at alltimes of the day from work, from home, and even from mobile devices.Indeed, for many people, e-mail and instant messaging has become aprimary means of communication.

While e-mail, instant messaging, and other such electronic messagingsystems represent great technologies and have enhanced communication inour society, they do not come without costs. As an example, e-mail usersspend significant amounts of time reviewing and replying to the numerouse-mails that they receive daily. This task has been made more cumbersomeand time consuming by the large quantities of junk e-mail, or SPAM, thatcontinuously flows into e-mail in-boxes. E-mail users must sort thisSPAM in order to get to the e-mail that he or she desires to view.Instant messaging users are presented with similar problems indiscerning from whom to receive messages.

The dramatic rise in e-mail and instant messaging usage has come at acost to the organizations that maintain computer networks as well. Inorder to service the growing electronic messaging traffic, Internetservice providers (ISP's) and corporate computer departments have neededto continuously upgrade their systems. Furthermore, additional personnelare required to run these systems and must be routinely trained on thenew systems. Frequently, despite the best efforts of ISP's and corporatecomputer departments, the growth in demand for electronic messagingservices outpaces the added capacity provided by system upgrades.

Applicant has recognized that requiring e-mail users to sift throughever increasing amounts of e-mail, much of which is junk e-mail, andrelying upon ISP's and corporate computer departments to continuouslyupgrade their equipment to service the electronic messaging, is a lessthan optimal situation. Applicant has recognized that there exists aneed to intelligently regulate the flow of e-mail and instant messages,particularly that which is commercial in nature. Indeed, systems andmethods are needed to monitor the types and amounts of electronicmessages that are being received and to regulate those electronicmessages depending upon the source and characteristics of the messages.It would be a significant improvement in the art to provide systems andmethods for recognizing junk messages and limiting the amount that isreceived in a given period. Such an improvement would reduce the amountof SPAM received by users and would preserve scarce system resources forlegitimate messages.

SUMMARY OF THE INVENTION

Briefly, the present invention meets these and other needs in the art.

Generally, the invention relates to systems and methods forintelligently regulating electronic messages. A system in accordancewith the invention comprises an electronic message server with access toa database of information profiling legitimate electronic message usage.When an electronic message is received at the electronic message server,it is scrutinized relative to the information in the database. If theelectronic message is found to be legitimate based upon this evaluation,it is delivered to the intended recipient. If, however, the electronicmessage appears on the basis of the evaluation to be the last in aseries of illegitimate usage or otherwise has characteristicsinconsistent with the profile of legitimate electronic message usage,the electronic message may not be delivered and the postmaster oradministrator at the site from which the electronic message originatedis contacted.

According to an aspect of the invention, the administrator or postmastermay register sources from which he or she anticipates receivingelectronic messages. Electronic messages received from registeredsources may be evaluated under different criteria than those receivedfrom unregistered sources. During the registration process, thepostmaster may define a profile for the registered source defining theamounts and types of e-mails that are acceptable from the particularsource. The list of registered sites is stored in a database along withthe profile data for those registered sources.

A database in accordance with an aspect of the invention stores datathat is used in evaluating electronic messages. The database comprisesdata defining acceptable electronic message usages from both registeredand unregistered sources.

With respect to unregistered sources, the database comprises a list ofcategories of sources from which electronic messages might be received.These categories are referred to herein as “electronic message sourcecategories.” Typical electronic message source categories might include,for example, the following: large ISP—designating ISP's servicing alarge number of users; medium ISP—designating ISP's servicing a mediumnumber of users; small ISP—designating ISP's servicing a small number ofusers; .gov—designating sources in the .gov domain; .edu—designatingsources in the .edu domain; and .com—designating sources in the .comdomain. Of course, other electronic message source categories may beused depending upon the type of electronic messages that it is desiredto regulate.

The database further comprises a set of target statistics for each ofthe electronic message source categories. For example, the targetstatistics might include a maximum electronic message volume that may bereceived in a prescribed period of time from a source in a particularsource category. The database may prescribe, for example, that a maximumof 200,000 e-mails may be received and processed from a source that isclassified in the “.edu” source category. As explained in further detailbelow, the category statistics operate as benchmarks for the electronicmessage sources that fall within the particular category.

A set of target electronic message profiles is also maintained in thedatabase for each electronic message source category. The targetelectronic message profiles identify target characteristics forelectronic messages that are received from a source in a particularsource category. For example, the target electronic message profile fora particular source category might identify the maximum size for ane-mail, the types of attachments that might be included with the e-mail,and the maximum number of “hops” that the e-mail may have taken prior toarriving at the electronic message server. These characteristics areused as benchmarks to identify irregular electronic message activities.

The database further comprises a set of statistics for each electronicmessage source. The statistics are continuously updated to reflect eachelectronic message that is received from a particular source. Forexample, each time an e-mail or an instant message is received in thesystem from a particular source such as, for example, www.bellsouth.com,the statistic holding the counter of e-mails or instant messagesreceived from that particular site is incremented.

For each source that has been registered by the postmaster, a profile isestablished in the database identifying target statistics for eachregistered source and the types of electronic messages that are expectedto be received from the source. The profile data for a registered sourcemay include much of the same data that is collected for unregisteredsites including the maximum size for an e-mail, the types of attachmentsthat might be included with the e-mail, and the maximum number of “hops”that the e-mail may have taken prior to arriving at the electronicmessage server. The profile for a registered source might also identifywhether the source has agreed to pay for certain services such aspayment for the delivery of e-mail or the creation of e-mail usagereports.

An electronic message server in accordance with the invention implementsmethods using the above-described database to intelligently regulate theflow of electronic messages. According to a method in accordance withthe invention, upon receipt of an electronic message, the source of theelectronic message is identified and the statistics that are maintainedfor the electronic message source are updated to reflect the arrival ofthe new electronic message. For example, if an e-mail or instant messageis received from smith@bellsouth.com, the statistic in the databaseidentifying the number of e-mails or instant messages from bellsouth.comand the range of IP addresses that are associated with bellsouth.com areincremented.

Those skilled in the art will recognize that an electronic message thathas been forwarded numerous times may have multiple domains or “sources”listed in its header. A single electronic message may be said to have“originated” from more than one source. Therefore, according to anaspect of the invention, for purposes of regulating messages anelectronic message may be designated as originating from more than onesource. For example, a single electronic message may be said to haveoriginated from the first or the last “hop” identified in the headerinformation. An electronic message that is designated as havingoriginated from more than one domain is evaluated as described belowtwice, once for each of the two sources.

After the source of an electronic message has been identified, it isdetermined whether the source is registered or not. If so, theelectronic message is evaluated relative to the profile data stored forthe particular registered source.

If the electronic message was received from an un-registered source, thesource category corresponding to the un-registered source is identified.With respect to the example e-mail or instant message fromsmith@bellsouth.com, the “.com” source category is identified. Thestatistics for the source of the e-mail or instant message, which havebeen updated to reflect receipt of the e-mail or instant message, arecompared to the target statistics for the particular category. If thestatistics for the source fail to comply with the benchmark targetstatistics, the sender and/or postmaster of the source from which thee-mail or instant message is received is automatically notified of suchif it is a registered source. For example, if the volume of e-mailreceived from the source bellsouth.com exceeds the target volume, whichmay be indicative that SPAM is originating from bellsouth.com, an e-mailis sent to the sender and/or postmaster at www.bellsouth.com. The e-mailmight indicate, for example that the amount of e-mail originating fromthe site has reached an unacceptable level along with a request toeither reduce the volume of e-mail being forwarded or to contact thepostmaster at the destination site. The postmaster of the e-mail systemat bellsouth.com can investigate the cause for the excessive e-mailactivity and if it turns out to be legitimate and was not a one-timeoccurrence, may interact with the postmaster at the recipient tonegotiate accepting a larger volume of e-mail.

An electronic message server in accordance with the invention alsooperates to regulate the flow of electronic messages based upon acomparison of the electronic messages to a profile of acceptableelectronic message characteristics. Accordingly, when an electronicmessage is received, and after it's source and source category have beenidentified as explained above, the profile for an acceptable electronicmessage from the particular source criteria are retrieved. If theelectronic message fails to fall within the profile for the sourcecategory, it may be indicative of a virus or possibly SPAM, in whichcase, the electronic message is not delivered to the intended recipientbut instead is returned to the sender and/or the postmaster of the sitefrom which the electronic message originated.

If the electronic message satisfies the profile, it is further evaluatedagainst a list of known viruses. If a virus is detected, the message isnot delivered and the postmaster is notified. If, however, no virus isdetected, the electronic message is delivered to the intended recipient.

Additional aspects of the invention are described in detail below.

BRIEF DESCRIPTION OF THE DRAWINGS

Other features of the invention will be further apparent from thefollowing detailed description of presently preferred exemplaryembodiments of the invention taken in conjunction with the accompanyingdrawings, of which:

FIG. 1 is a high level diagram of a network for transmitting electronicmessages;

FIG. 2 is a block diagram of a computing system suitable for use in anembodiment of the present invention;

FIG. 3 is a diagram illustrating the functional components of a servercomputer or cluster of server computers for use in an embodiment of thepresent invention;

FIG. 4 is a diagram representing data entities stored in a databasesystem in accordance with an embodiment of the present invention;

FIGS. 5A, 5B, and 5C are flow diagrams of a method in accordance withthe invention for managing electronic messages; and

FIG. 6 is a flow diagram of a process for registering a source with thesystem.

DETAILED DESCRIPTION OF THE INVENTION

A system and method with the above-mentioned beneficial features inaccordance with a presently preferred exemplary embodiment of theinvention will be described below with reference to FIGS. 1-6. It willbe appreciated by those of ordinary skill in the art that thedescription given herein with respect to those figures is for exemplarypurposes only and is not intended in any way to limit the scope of theinvention. All questions regarding the scope of the invention may beresolved by referring to the appended claims.

Generally, the invention relates to systems and methods of intelligentlyregulating electronic messages. A system in accordance with theinvention comprises an electronic message server with access to adatabase of information profiling legitimate electronic message usage.When an electronic message is received at the server, it is scrutinizedrelative to the information in the database. If the electronic messageis found to be legitimate based upon this evaluation, it is delivered tothe intended recipient. If, however, the electronic message appears onthe basis of the evaluation to be the last in a series of unexpectedusage or otherwise has characteristics inconsistent with the profile oflegitimate electronic message usage, the electronic message may not bedelivered and the sender and/or the postmaster at the site from whichthe electronic message originated is contacted.

An exemplary embodiment of a system and method for regulating electronicmessages is described below. Specifically, a system and method forregulating e-mail is described below. The systems and methods arepresented for exemplary purposes only and are not meant to limit thescope of the invention. Accordingly, those skilled in the art recognizethat the invention applies to other types of electronic messages otherthan e-mail such as, for example, instant messages. Indeed, the presentinvention applies to any type of electronic message that can be said tooriginate from a particular Internet domain.

FIG. 1 is a high level diagram of an exemplary computer network forcommunicating e-mail. As shown, three e-mail servers 110, 112, and 114are operable to communicate with one another over network 116, which maybe for example, the Internet. E-mail servers 110, 112, and 114communicate e-mails. E-mail servers 110, 112, and 114 may be operated byan ISP, a corporate computer department, or any other organization witha mail server connected to Internet 116. Each of mail servers 110, 112,and 114 are accessible by client stations 118 from which users send andreceive e-mails and browse web pages. Client stations 118 may connect tomail servers via a local area network (LAN) 120, as shown in relation toserver 110, or using a remote connection device 122 such as, forexample, a modem, as is shown in connection with servers 112 and 114.

In the system of FIG. 1, e-mails are composed at client stations 118 andforwarded to one of e-mail servers 110, 112, and 114. E-mail servers110, 112, and 114 communicate the e-mails over Internet 116 using SMTPand POP protocols. The e-mails are ultimately delivered at one of e-mailservers 110, 112, and 114. Client stations 118 use client e-mailsoftware to access the e-mail from the servers.

E-mail servers 110, 112, and 114 comprise e-mail server software.Specifically, servers 110, 112, and 114 comprise simple mail transferprotocol (SMTP) and post office protocol (POP) software for receivingand routing e-mail. Those skilled in the art will recognize that whileservers 110, 112, and 114 are depicted using a single machine in FIG. 1,the servers may comprise a plurality of computing machines, i.e. morethan a single server machine may be employed to provide thefunctionality described herein as being provided by the server.

Client stations 118 comprise e-mail client software for communicatingwith e-mail servers 110, 112, and 114. Those skilled in the art willrecognize that while client stations 118 are depicted as desk topcomputers, virtually any type of computing machine such as, for example,a PDA, a cell phone, or a lap top computer are suitable as an e-mailclient.

E-mail servers 110, 112, and 114 as well as client stations 118 aregeneric computing systems. FIG. 2 is a block diagram of a genericcomputing system suitable for use in a system in accordance with thepresent invention. As shown, computing device 320 includes processingunit 322, system memory 324, and system bus 326 that couples varioussystem components including system memory 324 to the processing unit322. The system memory 324 might include read-only memory (ROM) andrandom access memory (RAM). The system might further include hard-drive328, which provides storage for computer readable instructions, datastructures, program modules and other data. A user may enter commandsand information into the computer 320 through input devices such as akeyboard 340 and pointing device 342. A monitor 344 or other type ofdisplay device is also connected to the system for output.Communications device 343, which in one embodiment may be a modem,provides for communications over network 102. Processor 322 can beprogrammed with instructions to interact with other computing systems soas to perform the algorithms described below with reference to FIGS.5A-C and 6. The instructions may be received from network 102 or storedin memory 324 and/or hard drive 328. Processor 322 may be loaded withany one of several computer operating systems such as Windows NT,Windows 2000, or Linux.

FIG. 3 is a diagram of the software components of e-mail servers 110,112, and 114. As shown, servers 110, 112, and 114 comprise SMTP serversoftware 310, POP server software 312, regulating software 314, anddatabase 316. SMTP server software 310 operates according to knownmethods to route outgoing e-mails. POP server software 312 similarlyoperates according to know methods to route incoming e-mails. Regulatingsoftware 314 operates as described below in connection with FIGS. 5A-Cand 6 to regulate e-mail flowing between servers. Regulating databasesoftware 316 implements the data structure described below withreference to FIG. 4 and stores the data used by regulating software 314.

FIG. 4 is a diagram depicting various entities and relationshipsestablished in a database system in accordance with an aspect of thepresent invention. As shown, a database, which may be maintained byserver 110, 112, or 114, has stored therein data representing sourcecategories 410. The source categories 410 represent a list of categoriesof sources from which e-mail may be received. These categories arereferred to herein as “e-mail source categories” and are used in theevaluation of e-mails from un-registered sources. Typical e-mail sourcecategories might include, for example, the following: largeISP—designating ISP's servicing a large number of users; mediumISP—designating ISP's servicing a medium number of users; smallISP—designating ISP's servicing a small number of users;.gov—designating sources in the .gov domain; .edu—designating sources inthe .edu domain; and .com—designating sources in the .com domain. Ofcourse, other e-mail source categories may be used depending upon thetype of e-mail that it is desired to regulate.

Each source category has a set of target statistics 412 associatedtherewith. Target statistics might include, for example, a maximume-mail volume that may be received in a prescribed period of time from asource in a particular source category. The database may prescribe, forexample, that a maximum of 200,000 e-mails per hour may be received andprocessed from a source that is classified in the “.edu” sourcecategory. The target statistics may further specify that the amount andtypes of e-mails that are allowed vary during different periods of theday. For example, during the off-peak hours of 12 AM to 5 AM, a largernumber of e-mails may be accepted than during normal processing hours.Such a restriction may encourage postmasters to time-shift the deliveryof unimportant e-mail. As explained in further detail below, thecategory statistics operate as benchmarks for the un-registered e-mailsources that fall within the particular category.

Each source category also has an e-mail profile 414 associatedtherewith. The target e-mail profile 414 identifies targetcharacteristics for e-mails that are received from an un-registeredsource in a particular source category. For example, the target e-mailprofile 414 for a particular source category might identify the maximumsize for an e-mail, the maximum number of recipients, the types ofattachments that might be included with the e-mail, the maximum numberof hops that the e-mail may have taken prior to arriving at the mailserver, and whether the source has agreed to be charged for delivery ofe-mail. These characteristics are used as benchmarks to identifyirregular mail activities.

A plurality of e-mail sources 416 may be associated with any one sourcecategory 410. For example, the “.com” source category may have aplurality of e-mail sources. Thus, sources such as, for example,bellsouth.com and hotmail.com would be related to the “.com” sourcecategory. For sources that have been registered, a designation of suchis made in the database.

The database further comprises a set of statistics 418 for each e-mailsource 416. The statistics are continuously updated to reflect eache-mail that is received from a particular source. For example, each timean e-mail is received in the system from a particular source such as,for example, bellsouth.com, the statistic holding the counter of e-mailsreceived from that particular site is incremented. The statistics mayalso reflect the time and date that e-mails are received.

The database still further comprises a profile 420 for e-mails receivedfrom each registered source. Thus, the postmaster may, during theprocess of registration, define specific guidelines or a profile fore-mails from the registered source. The items that are part of theprofile may be the same or similar to those used in connection withun-registered e-mail but the specific target values for the registeredsite may vary depending upon the postmaster's judgment and theparticulars of the registered site.

Finally, the database may comprise target statistics 422 for eachregistered source. Accordingly, during the registration process, thepostmaster may define specific target statistics for the registeredsite. The types of statistics that are required for registered sites maybe the same or similar to those required for un-registered sources.However, the statistics for the registered source may be defined by thepostmaster to reflect agreements that have been arranged with theregistered source. For example, by agreement the communication ofe-mails from the registered source may be skewed to be received duringoff-peak hours. Such an arrangement may be reflected in the statisticsfor the particular registered source. Furthermore, the statistics for aregistered source may specify that the source has agreed to pay forservices such as the delivery of e-mail.

The process of registering a source involves identifying the source,specifying target statistics for the source, and specifying an e-mailprofile for e-mails from the source. This information is gathered fromthe postmaster, preferably through a series of interactive screens, andstored in the database.

FIG. 6 provides a flowchart of a process for registering an e-mailsource. At step 610, the postmaster identifies the source that is to beregistered. The source may be identified by domain name, IP address, orany other means that uniquely identifies and Internet domain. At step612, the postmaster specifies the target statistics for the source. Forexample, the postmaster may specify that between the hours of 8 AM and 8PM, the maximum number of e-mails that may be received from the sourceshould be 100,000, while between the hours of 8 PM and 8 AM 200,000e-mails may be received per hour. The postmaster may also specify thatthe source has agreed to pay for services such as delivery of e-mail. Atstep 614, the postmaster defines the target profile characteristics fore-mails from the registered source. For example, the postmaster mayspecify that e-mails from the registered source should not containattachments or the attachments should be less than a prescribed filesize.

FIG. 5A is a flowchart of a method for regulating e-mails in accordancewith an aspect of the invention. As shown, at step 510, an e-mail isreceived at an e-mail server. For example, an e-mail may be receivedfrom smith@yahoo.com. At step 512, the regulating software 314identifies the source of the e-mail. With respect to the exemplarye-mail from smith@yahoo.com, the source is identified as yahoo.com.

Those skilled in the art will recognize that an electronic message thathas been forwarded numerous times may have multiple domains or “sources”listed in its header. Arguably, a single electronic message may be saidto have “originated” from more than one source. Therefore, according toan aspect of the invention, at step 512 an electronic message may bedesignated as originating from more than one source. For example, asingle electronic message may be said to have originated from the firstor the last “hop” identified in the header information. An electronicmessage that is designated as having originated from more than onesource is evaluated twice in the manner described below—once for each ofis the two sources.

At step 514, regulating software 314 updates the e-mail statistics 418that are stored in database 316 to reflect receipt of the e-mail. Forexample, the statistic used to hold the counter of the number of e-mailsreceived from yahoo.com is incremented.

At step 515, regulating software 314 determines if the source has beenregistered by the postmaster. If the source is determined to beregistered as defined in the database entity 416, processing continuesat step 517 as depicted in FIG. 5B. At step 517, the e-actual mailstatistics 418 for the registered source of the e-mail are compared tothe target statistics 422 for the registered source as determined by thepostmaster. With respect to the example e-mail, assuming “yahoo.com” isa registered source, the statistics associated with “yahoo.com” arecompared to the target statistics defined by the postmaster. At step519, regulating software 414 determines whether the source statistics418 fail to comply with the target statistics 422. For example, thevolume of e-mails received over the course of the last hour from thesource “yahoo.com” is compared with the target value for volume ofe-mail specified by the postmaster for the registered source. If thevalue for the statistic of the source does not correspond to the targetstatistic as defined for the particular source, at step 521, thepostmaster at the registered source is notified. For example, if thevolume of e-mails received from “yahoo.com” is determined to be outsidethe benchmark specified by the postmaster for the source, an e-mail issent to the postmaster of yahoo.com apprising him or her of thesituation.

At step 523, regulating software 314 retrieves the profile ofcharacteristics for e-mails 420 received from the particular registeredsource. At step 525, the characteristics of the e-mail underconsideration are compared to the e-mail profile 420 defined by thepostmaster for the registered source. For example, the characteristicsfor the e-mail from smith@yahoo.com are compared to the e-mail profilecharacteristics specified by the postmaster for the registered source.For example, the comparison might include determining if the number ofrecipients exceeds the limit stored in the e-mail profilecharacteristics.

If at step 527, the characteristics of the e-mail under considerationconflict with the profile defined for the registered source, at step529, the sender and the postmaster of the source web site are notified.If at step 527, there is no discrepancy between the e-mail and theprofile 420, the e-mail is delivered to the intended recipient asspecified at step 531.

Referring back to FIG. 5A, if at step 515, regulating software 314determines that the source has not been registered, processing continuesat step 516 as depicted in FIG. 5C. At step 516, regulating software 314identifies the source category with which the source of the e-mail isrelated. With respect to the example, the source of the e-mail,“yahoo.com,” is identified as being associated with the “.com” sourcecategory. It should be noted that sources could also be identified byway of an IP address.

At step 518, the e-mail statistics 418 for the source of the e-mail arecompared to the target statistics 412 for the source category. Withrespect to the example e-mail, the statistics associated with“yahoo.com” are compared to the target statistics associated with “.com”source category. At step 520, regulating software 414 determines whetherthe source statistics fail to comply with the target statistics for theassociated source category. For example, the volume of e-mails receivedover the course of the last hour from the source “yahoo.com” arecompared with the target value for volume of e-mail associated with thesource category “.com.” If the value for the statistic of the sourcedoes not correspond to the target statistic for the associated sourcecategory, at step 522, the postmaster at the source is notified. Forexample, if the volume of e-mails received from “yahoo.com” isdetermined to be outside the benchmark set for the “.com” sourcecategory, an e-mail is sent to the postmaster of yahoo.com apprising himor her of the situation.

At step 524, regulating software 314 retrieves the profile ofcharacteristics for e-mails received from the relevant source category.With respect to the example, the e-mail profile 414 is retrieved for the“.com” source category. At step 526, the characteristics of the e-mailunder consideration are compared to the e-mail profile. For example, thecharacteristics for the e-mail from smith@yahoo.com are compared to thee-mail profile characteristics stored in relation to the “.com” sourcecategory. The comparison might include determining if the number ofrecipients exceeds the limit stored in the e-mail profilecharacteristics.

If at step 528, the characteristics of the e-mail under considerationconflict with the profile associated with the source category, at step530, the sender and the postmaster of the source web site are notified.

At step 532, the e-mail is evaluated against a known set of viruses. Ifa virus is detected at step 534, the e-mail is not delivered and thepostmaster and/or administrator are notified at step 536. If, however,no viruses are detected, at step 538, the e-mail is delivered to theintended recipient.

It should be noted that in alternative embodiments, if at step 520, thesource statistics did not comply with the target statistics or at step528 the e-mail characteristics did not comply with the e-mail profile,the e-mail might not be delivered to the intended recipient but returnedto user from which the e-mail was forwarded.

Finally, at step 540, any counters that are used in connection with thecollection of statistics for the source and which need to be reset, arereset. For example, if one of the statistics that is collected for asource is the number of e-mails received during the current hour and thehour has expired, the counter is reset at step 540.

Thus, systems and methods for regulating the flow of electronic messageshave been disclosed. These novel systems and methods allow postmastersand administrators to place limits on the type and amounts of electronicmessages that are accepted into the system. This will help postmastersand administrators slow the influx of SPAM and save resources forlegitimate uses.

Those skilled in the art understand that computer readable instructionsfor implementing the above described processes, such as those describedwith reference to FIG. 5, can be generated and stored on one of aplurality of computer readable media such as a magnetic disk or CD-ROM.Further, a computer such as that described with reference to FIG. 2 maybe arranged with other similarly equipped computers in a network, andeach computer may be loaded with computer readable instructions forperforming the above described processes. Specifically, referring toFIG. 2, microprocessor 322 may be programmed to operate in accordancewith the above-described processes.

While the invention has been described and illustrated with reference tospecific embodiments, those skilled in the art will recognize thatmodification and variations may be made without departing from theprinciples of the invention as described above and set forth in thefollowing claims. For example, while the invention has been described asbeing used to regulate the in-flow of e-mail at a mail server, theinvention might also be used to regulate the out-flow of e-mail at a webserver. Furthermore, the invention may be employed to regulate the flowof all types of electronic messages, including instant messaging.Accordingly, reference should be made to the appended claims asindicating the scope of the invention.

1. A method for regulating electronic messages comprising: maintaining,by a computer, statistics for a plurality of registered electronicmessage source domains; maintaining, by the computer, target statisticsfor the plurality of registered electronic message source domains,wherein the target statistics for one of the plurality of registeredelectronic message source domains are reflective of an agreement withthe one registered electronic message source domain and differ from thetarget statistics being maintained for an other of the plurality ofregistered electronic message source domains that are reflective of anagreement with the other registered electronic message source domain,the agreement of the one registered electronic message source domainincluding an agreement to pay for delivery of electronic messages fromthe one registered electronic message source domain; receiving anelectronic message from the one of the plurality of registeredelectronic message source domains, and in response to receiving theelectronic message from the one of the plurality of registeredelectronic source domains, determining whether the electronic messageoriginates from more than one source based on the number of hops thatthe electronic message has taken and updating the maintained statisticsfor the one of the plurality of registered electronic message sourcedomains to reflect receipt of the electronic message; determining, bythe computer, whether the updated maintained statistics for the one ofthe plurality of registered electronic message source domains complywith the target statistics for the one of the plurality of registeredelectronic message source domains; determining, by the computer, whetherthe electronic message from the one of the plurality of registeredelectronic message source domains complies with target profilecharacteristics established for an electronic message from the one ofthe plurality of registered electronic message source domains, thetarget profile characteristics for the one of the plurality ofregistered electronic message source domains and the target statisticsfor the one of the plurality of registered electronic message sourcedomains being different, the target profile characteristics for the oneof the plurality of registered electronic message source domains and thetarget statistics for the one of the plurality of registered electronicmessage source domains being stored in a profile associated with the oneof the plurality of registered electronic message source domains; and ifeither the updated maintained statistics no longer comply with thetarget statistics for the one of the plurality of registered electronicmessage source domains or the electronic message received from the oneof the plurality of registered electronic message source domains doesnot comply with target profile characteristics established for anelectronic message from the one of the plurality of registeredelectronic message source domains, taking a remedial action for thereceived electronic message from the one of the plurality of registeredelectronic message source domains.
 2. The method of claim 1, wherein themaintained statistics for one of the plurality of registered electronicmessage source domains comprise the number of electronic messagesreceived.
 3. The method of claim , wherein the maintained statistics forone of the plurality of registered electronic message source domainscomprises the number of electronic messages received within a period. 4.The method of claim 1, further comprising determining whether anelectronic message received is from one of the plurality of registeredelectronic message source domains.
 5. The method of claim 4, wherein thetarget statistics for the one of the plurality of registered electronicmessage source domains comprise a limit on the number of electronicmessages received from the one of the plurality of registered electronicmessage source domains within a period.
 6. The method of claim 1,wherein the agreement with the one registered electronic message sourcedomain includes receiving electronic messages from the one of theplurality of registered electronic message source domains duringoff-peak hours.
 7. The method of claim 1, wherein the remedial actioncomprises at least one of performing a notification and returning theelectronic message to the sender of the electronic message.
 8. Themethod of claim 1, wherein the target profile characteristics relate toat least one of a size of an electronic message received from the one ofthe plurality of registered electronic message source domains, a type ofattachments for an electronic message received from the one of theplurality of registered electronic message source domains, a number ofrecipients for an electronic message received from the one of theplurality of registered electronic message source domains, and a numberof hops that an electronic message received from the one of theplurality of registered electronic message source domains had taken. 9.The method of claim 8, wherein the target profile characteristicscomprise a size limit for an electronic message received from the one ofthe plurality of registered electronic message source domains.
 10. Themethod of claim 8, wherein the target profile characteristics comprisethe types of attachments that are acceptable for an electronic messagereceived from the one of the plurality of registered electronic messagesource domains.
 11. The method of claim 8, wherein the target profilecharacteristics comprise a limit of the number of recipients for anelectronic message received from the one of the plurality of registeredelectronic message source domains.
 12. The method of claim 8, whereinthe target profile characteristics comprise a limit on the number ofhops that an electronic message received from the one of the pluralityof registered electronic message source domains had taken.
 13. Themethod of claim 8, wherein the remedial action comprises at least one ofperforming a notification and returning the electronic message to thesender of the electronic message.
 14. The method of claim 8, wherein theremedial action comprises performing a notification.
 15. The method ofclaim 1, further comprising maintaining statistics for a plurality ofunregistered sources.
 16. The method of claim 15, further comprising, ifan electronic message is received from one of the plurality ofunregistered sources, updating the maintained statistics for the one ofthe plurality of unregistered electronic message sources to reflectreceipt of the electronic message.
 17. The method of claim 16, furthercomprising determining whether the updated maintained statistics for theone of the plurality of unregistered electronic message sources complieswith target statistics for electronic message sources in a category towhich the unregistered electronic message source belongs.
 18. The methodof claim 17, further comprising taking a remedial action if the updatedmaintained statistics for the one of the plurality of unregisteredelectronic message sources fails to comply with target statistics forelectronic message sources in a category to which the unregisteredelectronic message source belongs.
 19. The method of claim 18, whereinthe remedial action comprises at least one of performing a notificationand returning the electronic message to the sender of the electronicmessage.
 20. The method of claim 17, wherein the target profilecharacteristics relate to at least one of a size of an electronicmessage received from an unregistered electronic message source, a typeof attachments for an electronic message received from an unregisteredelectronic message source, a number of recipients for an electronicmessage received from an unregistered electronic message source, and anumber of hops that an electronic message received from an unregisteredelectronic message source had taken.
 21. The method of claim 20, whereinthe target profile characteristics comprise a size limit for anelectronic message received from an unregistered electronic messagesource.
 22. The method of claim 20, wherein the target profilecharacteristics comprise the types of attachments that are acceptablefor an electronic message received from an unregistered electronicmessage source.
 23. The method of claim 20, wherein the target profilecharacteristics comprise a limit of the number of recipients for anelectronic message received from an unregistered electronic messagesource.
 24. The method of claim 20, wherein the target profilecharacteristics comprise a limit on the number of hops that anelectronic message received from an unregistered electronic messagesource had taken.
 25. The method of claim 20, wherein the remedialaction comprises at least one of performing a notification and returningthe electronic message to the sender of the electronic message.
 26. Themethod of claim 17, further comprising, if the electronic messagereceived from the one of the plurality of unregistered electronicmessage sources complies with target profile characteristics for anelectronic message received from unregistered electronic messagesources, determining whether the electronic message received from theone of the plurality of unregistered electronic message sources containsa virus.
 27. The method of claim 26, further comprising taking aremedial action if the electronic message received from the one of theplurality of unregistered electronic message sources contains a virus.28. The method of claim 27, wherein the remedial action comprisesperforming a notification.